A privilege escalation flaw was found in Podman. This flaw allows an malicious user to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
podman project podman |
||
psgo project psgo |
||
redhat enterprise linux workstation 7.0 |
||
redhat enterprise linux 7.0 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux for power little endian 7.0 |
||
redhat enterprise linux for ibm z systems 7.0 |
||
redhat enterprise linux 8.0 |
||
redhat developer tools 1.0 |
||
redhat quay 3.0.0 |
||
redhat openshift container platform 4.0 |
||
redhat enterprise linux server for power little endian update services for sap solutions 8.6 |
||
redhat enterprise linux for ibm z systems 8.6 |
||
redhat enterprise linux server aus 8.6 |
||
redhat enterprise linux server tus 8.6 |
||
redhat enterprise linux eus 8.6 |
||
redhat enterprise linux for power little endian 8.6 |
||
redhat enterprise linux server update services for sap solutions 8.6 |
||
fedoraproject fedora 34 |
||
fedoraproject fedora 35 |